I use it on my development machine (i.e. my laptop), so I don’t really bother about security at Apache level, and I take care of security at firewall/other levels.

If you are going to use above technique/configuration, please understand everything (by reading documentation) before you use it.

This set up works for me and solves some problems for me – I don’t have to change default directory permissions, and I don’t have to keep my projects within ~/Sites or /Library/WebServer/Documents directory.